Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201101-04 (aria2)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.69040

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201101-04 (aria2)

Resumen: The remote host is missing updates announced in;advisory GLSA 201101-04.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201101-04.

Vulnerability Insight:
A directory traversal vulnerability has been found in aria2.

Solution:
All aria2 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/aria2-1.9.3'

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-1512
BugTraq ID: 40142
http://www.securityfocus.com/bid/40142
Bugtraq: 20100513 Secunia Research: aria2 metalink "name" Directory Traversal Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/511280/100/0/threaded
Debian Security Information: DSA-2047 (Google Search)
http://www.debian.org/security/2010/dsa-2047
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html
http://security.gentoo.org/glsa/glsa-201101-04.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:106
http://secunia.com/secunia_research/2010-71/
http://www.osvdb.org/64592
http://secunia.com/advisories/39529
http://secunia.com/advisories/39872
http://secunia.com/advisories/42906
SuSE Security Announcement: SUSE-SR:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
SuSE Security Announcement: SUSE-SR:2010:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://www.vupen.com/english/advisories/2010/1228
http://www.vupen.com/english/advisories/2010/1229
http://www.vupen.com/english/advisories/2011/0116

Copyright Copyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.69040
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201101-04 (aria2)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201101-04.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201101-04. Vulnerability Insight: A directory traversal vulnerability has been found in aria2. Solution: All aria2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/aria2-1.9.3' CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1512 BugTraq ID: 40142 http://www.securityfocus.com/bid/40142 Bugtraq: 20100513 Secunia Research: aria2 metalink "name" Directory Traversal Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511280/100/0/threaded Debian Security Information: DSA-2047 (Google Search) http://www.debian.org/security/2010/dsa-2047 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041753.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041754.html http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041758.html http://security.gentoo.org/glsa/glsa-201101-04.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:106 http://secunia.com/secunia_research/2010-71/ http://www.osvdb.org/64592 http://secunia.com/advisories/39529 http://secunia.com/advisories/39872 http://secunia.com/advisories/42906 SuSE Security Announcement: SUSE-SR:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html SuSE Security Announcement: SUSE-SR:2010:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://www.vupen.com/english/advisories/2010/1228 http://www.vupen.com/english/advisories/2010/1229 http://www.vupen.com/english/advisories/2011/0116
Copyright	Copyright (C) 2011 E-Soft Inc.